A security analyst wants to confirm a finding from a penetration test report on the internal web server. To do so, the analyst logs into the web server using SSH to send the request locally. The report provides a link to https://hrserver.internal/../../etc/passwd, and the server IP address is 10.10.10.15. However, after several attempts, the analyst cannot get the file, despite attempting to get it using different ways, as shown below....

Questions › Category: CS0-001 › A security analyst wants to confirm a finding from a penetration test report on the internal web server. To do so, the analyst logs into the web server using SSH to send the request locally. The report provides a link to https://hrserver.internal/../../etc/passwd, and the server IP address is 10.10.10.15. However, after several attempts, the analyst cannot get the file, despite attempting to get it using different ways, as shown below….

0 Vote Up Vote Down

Admin Staff asked 6 months ago

A security analyst wants to confirm a finding from a penetration test report on the internal web server. To do so, the analyst logs into the web server using SSH to send the request locally. The report provides a link to https://hrserver.internal/../../etc/passwd, and the server IP address is 10.10.10.15.
However, after several attempts, the analyst cannot get the file, despite attempting to get it using different ways, as shown below.
 
Which of the following would explain this problem? (Choose two.)

A. The web server uses SNI to check for a domain name

B. Requests can only be sent remotely to the web server

C. The password file is write protected

D. The web service has not started

E. There is no local name resolution for hrserver internal.






 

Suggested Answer: A





This question is in CS0-001 CompTIA Cybersecurity Analyst (CySA+) Exam
For getting CompTIA Cybersecurity Analyst (CySA+) Certificate



Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.

When reviewing the system logs, the cybersecurity analyst noticed a suspicious log entry: wmic /node: HRDepartment1 computersystem get username Which of the following combinations describes what occurred, and what action should be taken in this situation?

Given the following code: Which of the following types of attacks is occurring?

AZ-104 Practice Test Free

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password

When reviewing the system logs, the cybersecurity analyst noticed a suspicious log entry: wmic /node: HRDepartment1 computersystem get username Which of the following combinations describes what occurred, and what action should be taken in this situation?

Given the following code: Which of the following types of attacks is occurring?

AZ-104 Practice Test Free

Related Questions

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password